CVE-2024-58097

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> wifi: ath11k: fix RCU stall while reaping monitor destination ring<br /> <br /> While processing the monitor destination ring, MSDUs are reaped from the<br /> link descriptor based on the corresponding buf_id.<br /> <br /> However, sometimes the driver cannot obtain a valid buffer corresponding<br /> to the buf_id received from the hardware. This causes an infinite loop<br /> in the destination processing, resulting in a kernel crash.<br /> <br /> kernel log:<br /> ath11k_pci 0000:58:00.0: data msdu_pop: invalid buf_id 309<br /> ath11k_pci 0000:58:00.0: data dp_rx_monitor_link_desc_return failed<br /> ath11k_pci 0000:58:00.0: data msdu_pop: invalid buf_id 309<br /> ath11k_pci 0000:58:00.0: data dp_rx_monitor_link_desc_return failed<br /> <br /> Fix this by skipping the problematic buf_id and reaping the next entry,<br /> replacing the break with the next MSDU processing.<br /> <br /> Tested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30<br /> Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1